We’re in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us, and join the smartest team in the industry.

This type of work—work that changes the world—is what the tech industry was founded on. So, if you're ready to seize the endless opportunities and leave your mark, come join us.

THE ROLE:

The Senior Manager, Security Operations – Detection Engineering & Incident Response will lead and evolve Pure’s Security Operations (Sec Ops) function across Detection Engineering, Threat Intelligence, and Incident Response (CIDR). The mission is to transform Sec Ops into a proactive, intelligence-driven, and outcome-oriented program that measurably reduces enterprise risk and strengthens security posture across cloud, SaaS, infrastructure, and endpoint environments.

This role sits at the intersection of detection, incident response, threat hunting, attack surface management, and platform security. You’ll build and mature a high-signal detection and response system — from telemetry pipelines to actionable alerts — ensuring every detection maps to real attacker behavior and closes meaningful risk paths.

You’ll partner closely with leaders across GRC, Product Security, Infrastructure, IAM, and Engineering to operationalize risk-informed detections, mature IR processes, and drive measurable improvements in security posture.

WHAT YOU’LL DO

Lead and mature the Detection Engineering and CIDR functions across threat detection, response workflows, incident triage, and automation

Build and maintain a comprehensive detection inventory categorized by threat type, log source, MITRE mapping, and detection method

Drive continuous validation through red team, purple team, and atomic testing

Own key Sec Ops metrics such as MTTD, MTTR, and alert quality to improve signal-to-noise ratio and detection confidence

Oversee ingestion of telemetry (AWS, Azure, SaaS, endpoint, network) into Splunk and SOAR pipelines

Ensure incident response workflows are automated, repeatable, and outcome-focused

Lead post-incident reviews and root-cause analyses, tracking corrective actions to closure

Correlate threat intelligence, detection gaps, and hunt findings into prioritized roadmap updates

Drive detection-to-remediation loops by partnering with ASM, Infra, IAM, App Sec, and GRC teams

Produce dashboards that connect technical posture to business risk and ownership metrics

Lead scenario-based tabletops, detection drills, and incident simulations

We are primarily an in-office environment and therefore, you will be expected to work from the Santa Clara, CA office in compliance with Pure’s policies, unless you are on PTO, work travel, or other approved leave.

WHAT YOU BRING

10+ years in cybersecurity, including 5+ years in detection, incident response, or Sec Ops leadership

• 5+ years of people management experience, including direct management of security engineering, detection engineering, or incident response teams, with responsibility for coaching, performance management, and team development.

Proven experience leading detection engineering and incident response teams at enterprise scale

Deep expertise with:

SIEM (Splunk preferred), SOAR (Tines, XSOAR), and EDR (Crowd Strike)

Cloud telemetry and detection (CloudTrail, Guard Duty, VPC flow)

Threat modeling, MITRE ATT&CK, and TTP-to-detection lifecycle

Experience with detection-as-code practices, version control, and CI/CD pipelines

Hands-on skills validating detections through replay, simulation, and log mining

Familiarity with frameworks such as CIS Controls, NIST 800-53, and SOC 2

Ability to translate complex security data into clear, executive-level insights

Proven cross-team collaboration with Infra, GRC, Product Security, and App teams

Strong written and verbal communication with an emphasis on clarity and measurable outcomes

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field, or equivalent practical experience

Preferred Qualifications

Experience operating in hybrid cloud and SaaS-heavy environments

Understanding of attacker behavior, threat intel feeds, and threat hunting workflows

Familiarity with secrets detection, data exfiltration indicators, and IAM anomaly detection

Certifications such as CISSP, GCIH, GCIA, OSCP, AWS Security, or equivalent

• Master’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, Business Administration (MBA), or a related field

*Salary ranges are determined based on role, level and location. For positions open to candidates in multiple geographical locations, the base salary range is reflective of the labor market across the applicable locations. *

*This role may be eligible for incentive pay and/or equity. *

There is no application deadline and we accept applications on an ongoing basis until the job is filled.

The annual base salary range is: $225,000—$338,000 USD

WHAT YOU CAN EXPECT FROM US:

• Innovation: We celebrate those who think critically, like a challenge, and aspire to be trailblazers.

• Growth: We give you the space and support to grow along with us and to contribute to something meaningful. We have been named Fortune's Best Workplaces in Technology™, Fortune's Best Workplaces in the Bay Area™, and certified as a Great Place to Work®!

• Team: We build each other up and set aside ego for the greater good.

And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events. Check out purebenefits.com for more information.

ACCOMMODATIONS AND ACCESSIBILITY:

Candidates with disabilities may request accommodations for all aspects of our hiring process. For more on this, contact us at TA-Ops@purestorage.com if you’re invited to an interview.

OUR COMMITMENT TO A STRONG AND INCLUSIVE TEAM:

We’re forging a future where everyone finds their rightful place and where every voice matters. Where uniqueness isn’t just accepted but embraced. That’s why we are committed to fostering the growth and development of every person, cultivating a sense of community through our Employee Resource Groups and advocating for inclusive leadership.

Everpure is proud to be an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other characteristic legally protected by the laws of the jurisdiction in which you are being considered for hire.

Join us and bring your best.

Bring your bold.

Pure and simple.